/*
package com.wyb.springcloud.demo.eurekaclient.config;


import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import javax.annotation.Resource;

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Resource
    public void configGlobal(AuthenticationManagerBuilder auth) throws  Exception{
        auth.inMemoryAuthentication()
                .passwordEncoder(passwordEncoder()).withUser("admin").password(passwordEncoder().encode("123456")).roles("USER");
        //auth.inMemoryAuthentication().withUser("root").password("123456").roles("USER")
        // .and().withUser("admin").password("123456").roles("USER","ADMIN");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // 表示所有访问都必须进行认证处理后才可以正常进行访问
        http.httpBasic().and().authorizeRequests().anyRequest().fullyAuthenticated();

        // 所有rest服务一定要设置为无状态，以提升操作性能
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);

        //http.csrf().disable();//关闭csrf

    }

    private PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

}*/
